Phishing emails can usually be spotted by a number of tell-tale attributes; they are addressed to ‘dear customer’ rather than to you by name, they are in poor English, and they involve some ludicrous amount of money and a dubious foreign connection.
However, there is a type of email currently doing the rounds that is different (known as ransomware). It is addressed to you by name, it contains your address or other details (probably stolen from hacked web sites), and it involves a reasonable amount of money (say £800 or £1,500) which is allegedly owed to a genuine UK Company. Invariably an invoice or further information is supposedly contained in an attachment.
The attachment is potentially extremely damaging. It contains a malicious program which is designed to encrypt any data stored on your machine and any ‘mapped drives’ (hard disks shared on other workstations or servers on your network). There is currently no way of repairing the damage caused to your files except by paying the requested ransom, which is generally several hundred pounds payable by non-traceable ‘bitcoins’ and is far from guaranteed.
A data backup will not necessarily help in such cases, as once your data has been encrypted any backup operation will overwrite the good files on the backup with the newly-encrypted ones.
Clearly this can be disastrous for a business, so how to prevent it happening to you? Any such emails should be deleted immediately WITHOUT opening the attachment. A good internet security package is a must.
We also suggest that in addition to any automated backup process you have (you do make regular backups don’t you….) you also have an external hard disk or USB memory stick that you copy any critical data on at regular intervals and then disconnect from your system. That way, if you are hit by this type of disaster, you can recover all your data up to the time it was last backed up.
The purpose of this article is not to generate panic, rather to inform you about this potentially very serious problem. Forewarned is forearmed as they say; being aware of a problem gives you the best means of defending against it.
Here is the BBC’s take on ransomware.